SSL session cache full
Cox, Eric S
eric.cox at kroger.com
Mon Mar 16 13:58:29 UTC 2020
How can this be monitored however?
-----Original Message-----
From: nginx <nginx-bounces at nginx.org> On Behalf Of Maxim Dounin
Sent: Monday, March 16, 2020 8:33 AM
To: nginx at nginx.org
Subject: Re: SSL session cache full
** [EXTERNAL EMAIL]: Do not click links or open attachments unless you recognize the sender and know the content is safe. **
Hello!
On Mon, Mar 16, 2020 at 12:36:21AM -0700, Frank Liu wrote:
> I have a question after reading https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftrac.nginx.org%2Fnginx%2Fticket%2F621&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=1oXIyqckAq1MsnmVYoskBJH8ixRGoWqkVcOiajUtkW8%3D&reserved=0 .
> When that alert is logged in error log, what will happen to the connection?
> Will the client get an error (such as HTTP 4XX), or will it work as if
> the server doesn't support session resumption?
> As mentioned in comment3 in that ticket, for 2-way SSL clients, this
> could happen more frequently, will nginx fail the 2-way SSL handshake
> and give 4xx error?
The error in question simply means the session won't be cached, so it cannot be resumed later. No SSL handshake or HTTP level errors will happen.
--
Maxim Dounin
https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmdounin.ru%2F&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=gjfmvOiIz16HqBEFWRrunTUE4ihOQilCbL%2FRCMrkzWc%3D&reserved=0
_______________________________________________
nginx mailing list
nginx at nginx.org
https://nam05.safelinks.protection.outlook.com/?url=http%3A%2F%2Fmailman.nginx.org%2Fmailman%2Flistinfo%2Fnginx&data=02%7C01%7Ceric.cox%40kroger.com%7C55d4953f99d1463d5b0408d7c9a63bc9%7C8331e14a91344288bf5a5e2c8412f074%7C0%7C0%7C637199588132799634&sdata=luC3%2FBJR2uJuG55O1UHl9FbxiwUP0QZ22nRHrf21kQ4%3D&reserved=0
________________________________
This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain information that is confidential and protected by law from unauthorized disclosure. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
More information about the nginx
mailing list